ã¬ããããã瀟
Red Hat Enterprise Linux 8.1 ã¯ãæ°ããäºæž¬å¯èœãªéçºãµã€ã¯ã«ã«åŸã£ãŠæºåãããæåã®ãªãªãŒã¹ã§ãããããã¯ãXNUMX ãæããšã«æå®ã®ææã«ãªãªãŒã¹ã圢æãããããšãæå³ããŸããæ°ãããªãªãŒã¹ããã€å ¬éããããã«ã€ããŠæ£ç¢ºãªæ å ±ãããã°ãããŸããŸãªãããžã§ã¯ãã®éçºã¹ã±ãžã¥ãŒã«ãåæããæ°ãããªãªãŒã¹ã«åããŠäºåã«æºåããæŽæ°ããã€é©çšãããããèšç»ããããšãã§ããŸãã
泚ç®ãããã®ã¯ãæ°ãã
åé¢ãããã³ã³ãããŒã§ã¢ããªã±ãŒã·ã§ã³ãå®è¡ããããã®æå°éã®ãŠãããŒãµã« ããŒã¹ ã€ã¡ãŒãž (UBIããŠãããŒãµã« ããŒã¹ ã€ã¡ãŒãž)
éµ
- ã©ã€ãããããé©çšããã¡ã«ããºã ã®å®å
šãªãµããŒããæäŸãããŠããŸã(
kããã ) ã·ã¹ãã ãåèµ·åãããäœæ¥ãåæ¢ãããããããšãªããLinux ã«ãŒãã«ã®è匱æ§ãæé€ããŸãã以åã¯ãkpatch ã¯å®éšçãªæ©èœãšããŠåé¡ãããŠããŸããã - æ çµã¿ã«åºã¥ããŠ
fapolicyed ã¢ããªã±ãŒã·ã§ã³ã®ãã¯ã€ã ãªã¹ããšãã©ã㯠ãªã¹ããäœæããæ©èœãå®è£ ãããŠããããŠãŒã¶ãŒãã©ã®ããã°ã©ã ãèµ·åã§ããããã©ã®ããã°ã©ã ãèµ·åã§ããªãããåºå¥ã§ããããã«ãªããŸãã (ããšãã°ãæªæ€èšŒã®å€éšå®è¡å¯èœãã¡ã€ã«ã®èµ·åããããã¯ãããã)ãèµ·åããããã¯ãããèš±å¯ãããã¯ãã¢ããªã±ãŒã·ã§ã³åããã¹ãã³ã³ãã³ã ããã·ã¥ãããã³ MIME ã¿ã€ãã«åºã¥ããŠæ±ºå®ã§ããŸããã«ãŒã«ãã§ãã¯ã¯ open() ããã³ exec() ã·ã¹ãã ã³ãŒã«äžã«è¡ããããããããã©ãŒãã³ã¹ã«æªåœ±é¿ãäžããå¯èœæ§ããããŸãã - ãã®æ§æã«ã¯ãåé¢ãããã³ã³ãããŒã§ã®äœ¿çšã«éç¹ã眮ããã³ã³ãããŒå
ã§å®è¡ãããŠãããµãŒãã¹ãããã¹ã ã·ã¹ãã ãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ããã詳现ã«å¶åŸ¡ã§ããããã«ãã SELinux ãããã¡ã€ã«ãå«ãŸããŠããŸããã³ã³ãããŒã® SELinux ã«ãŒã«ãçæããããã«ãæ°ãã udica ãŠãŒãã£ãªãã£ãææ¡ãããŸãããããã«ãããç¹å®ã®ã³ã³ãããŒã®è©³çŽ°ãèæ
®ããŠãã¹ãã¬ãŒãžãããã€ã¹ããããã¯ãŒã¯ãªã©ãå¿
èŠãªå€éšãªãœãŒã¹ãžã®ã¢ã¯ã»ã¹ã®ã¿ãæäŸã§ããããã«ãªããŸãã SELinux ãŠãŒãã£ãªã㣠(libsepolãlibselinuxãlibsemanageãpolicycoreutilsãcheckpolicyãmcstrans) ã¯ãªãªãŒã¹ 2.9 ã«æŽæ°ãããSETools ããã±ãŒãžã¯ããŒãžã§ã³ 4.2.2 ã«æŽæ°ãããŸããã
æ°ãã SELinux ã¿ã€ããboltd_t ãè¿œå ãããŸãããããã¯ãThunderbolt 3 ããã€ã¹ã管çããããã»ã¹ã§ããboltd ãå¶éããŸã (boltd ã¯ãSELinux ã«ãã£ãŠå¶éãããã³ã³ããå ã§å®è¡ãããããã«ãªããŸãã)ãæ°ããã¯ã©ã¹ã® SELinux ã«ãŒã« - bpf ãè¿œå ããŸãããããã¯ãBerkeley Packet Filter (BPF) ãžã®ã¢ã¯ã»ã¹ãå¶åŸ¡ããeBPF ã®ã¢ããªã±ãŒã·ã§ã³ãæ€æ»ããŸãã
- ã«ãŒãã£ã³ã°ãããã³ã«ã®ã¹ã¿ãã¯ãå«ãŸããŠããŸã
FRã«ãŒãã£ã³ã° (BGP4ãMP-BGPãOSPFv2ãOSPFv3ãRIPv1ãRIPv2ãRIPngãPIM-SM/MSDPãLDPãIS-IS)ãããã¯ã以åã«äœ¿çšãããŠãã Quagga ããã±ãŒãžã眮ãæããŸãã (FRRouting 㯠Quagga ã®ãã©ãŒã¯ã§ãããããäºææ§ã¯åœ±é¿ãåããŸããã§ãã) ); - LUKS2 圢åŒã®æå·åããŒãã£ã·ã§ã³ã®å Žåãã·ã¹ãã ã§ã®äœ¿çšãåæ¢ããããšãªãããªã³ã¶ãã©ã€ã§ããã㯠ããã€ã¹ãåæå·åããããã®ãµããŒããè¿œå ãããŸãã (ããšãã°ãããŒãã£ã·ã§ã³ãã¢ã³ããŠã³ãããã«ããŒãæå·åã¢ã«ãŽãªãºã ãå€æŽã§ããããã«ãªããŸãã)ã
- æ°ãããšãã£ã·ã§ã³ã® SCAP 1.3 ãããã³ã« (ã»ãã¥ãªã㣠ã³ã³ãã³ã ãªãŒãã¡ãŒã·ã§ã³ ãããã³ã«) ã®ãµããŒãã OpenSCAP ãã¬ãŒã ã¯ãŒã¯ã«è¿œå ãããŸããã
- OpenSSH 8.0p1ãTuned 2.12ãchrony 3.5ãsamba 4.10.4 ã®æŽæ°ããŒãžã§ã³ã PHP 7.3ãRuby 2.6ãNode.js 12ãnginx 1.16 ã®æ°ãããã©ã³ããå«ãã¢ãžã¥ãŒã«ã AppStream ãªããžããªã«è¿œå ãããŸãã (以åã®ãã©ã³ããå«ãã¢ãžã¥ãŒã«ã®æŽæ°ã¯ç¶ç¶ãããŠããŸã)ã GCC 9ãLLVM 8.0.1ãRust 1.37ãããã³ Go 1.12.8 ãå«ãããã±ãŒãžããœãããŠã§ã¢ ã³ã¬ã¯ã·ã§ã³ã«è¿œå ãããŸããã
- SystemTap ãã¬ãŒã¹ ããŒã«ãããã¯ãã©ã³ã 4.1 ã«æŽæ°ãããValgrind ã¡ã¢ãª ãããã° ããŒã«ãããã¯ããŒãžã§ã³ 3.15 ã«æŽæ°ãããŸããã
- æ°ãããã«ã¹ãã§ã㯠ãŠãŒãã£ãªãã£ãèå¥ãµãŒã㌠ãããã€ã¡ã³ã ããŒã« (IdMãã¢ã€ãã³ãã£ãã£ç®¡ç) ã«è¿œå ãããŸãããããã«ãããèå¥ãµãŒããŒã䜿çšããç°å¢ã®éçšã«é¢ããåé¡ã®ç¹å®ãç°¡çŽ åãããŸãã Ansible ããŒã«ã®ãµããŒããšã¢ãžã¥ãŒã«ãã€ã³ã¹ããŒã«ããæ©èœã®ãããã§ãIdM ç°å¢ã®ã€ã³ã¹ããŒã«ãšæ§æãç°¡çŽ åãããŠããŸãã Windows Server 2019 ã«åºã¥ã Active Directory ä¿¡é Œããããã©ã¬ã¹ãã®ãµããŒããè¿œå ãããŸããã
- ä»®æ³ãã¹ã¯ããã ã¹ã€ããã£ãŒã¯ GNOME ã¯ã©ã·ã㯠ã»ãã·ã§ã³ã§å€æŽãããŸããããã¹ã¯ãããéãåãæ¿ããããã®ãŠã£ãžã§ããã¯ãäžéšããã«ã®å³åŽã«é 眮ããããã¹ã¯ãããã®ãµã ãã€ã«ãå«ãã¹ããªãããšããŠèšèšãããŠããŸã (å¥ã®ãã¹ã¯ãããã«åãæ¿ããã«ã¯ããã®å 容ãåæ ãããµã ãã€ã«ãã¯ãªãã¯ããã ãã§ã)ã
- DRM (ãã€ã¬ã¯ã ã¬ã³ããªã³ã° ãããŒãžã£ãŒ) ãµãã·ã¹ãã ãšäœã¬ãã«ã®ã°ã©ãã£ã㯠ãã©ã€ã㌠(amdgpuãnouveauãi915ãmgag200) ããLinux 5.1 ã«ãŒãã«ã«äžèŽããããã«æŽæ°ãããŸããã AMD Raven 2ãAMD PicassoãAMD VegaãIntel Amber Lake-YãIntel Comet Lake-U ãã㪠ãµãã·ã¹ãã ã®ãµããŒããè¿œå ããŸããã
- RHEL 7.6 ãã RHEL 8.1 ã«ã¢ããã°ã¬ãŒãããããã®ããŒã«ãããã«ãARM64ãIBM POWER (ãªãã« ãšã³ãã£ã¢ã³)ãããã³ IBM Z ã¢ãŒããã¯ãã£ãŒã®åã€ã³ã¹ããŒã«ãè¡ããªãã¢ããã°ã¬ãŒãã®ãµããŒããè¿œå ãããŸãããã·ã¹ãã ã®äºåã¢ããã°ã¬ãŒã ã¢ãŒãã Web ã³ã³ãœãŒã«ã«è¿œå ãããŸãããã¢ããããŒãäžã«åé¡ãçºçããå Žåã«ç¶æ
ã埩å
ããããã® Cockpit-leapp ãã©ã°ã€ã³ãè¿œå ããŸããã /var ãã£ã¬ã¯ããªãš /usr ãã£ã¬ã¯ããªã¯å¥åã®ã»ã¯ã·ã§ã³ã«åãããŠããŸãã UEFIã®ãµããŒããè¿œå ãããŸãããã§
ãªãŒã ããã±ãŒãžã¯è£è¶³ãªããžããªããæŽæ°ãããŸã (ç¬èªã®ããã±ãŒãžãå«ã)ã - Image Builder ã«ãGoogle Cloud ããã³ Alibaba Cloud ã¯ã©ãŠãç°å¢çšã®ã€ã¡ãŒãžãæ§ç¯ããããã®ãµããŒããè¿œå ãããŸãããç»åã®å¡ãã€ã¶ããäœæãããšãã«ãä»»æã® Git ãªããžããªããã®è¿œå ãã¡ã€ã«ãå«ããããã« repo.git ã䜿çšããæ©èœãè¿œå ãããŸããã
- å²ãåœãŠãããã¡ã¢ãª ãããã¯ã®ç Žæãæ€åºããããã«ãmalloc ã®è¿œå ãã§ãã¯ã Glibc ã«è¿œå ãããŸããã
- dnf-utils ããã±ãŒãžã¯ãäºææ§ã確ä¿ããããã« yum-utils ã«ååå€æŽãããŸãã (dnf-utils ãã€ã³ã¹ããŒã«ããæ©èœã¯ä¿æãããŸããããã®ããã±ãŒãžã¯èªåçã« yum-utils ã«çœ®ãæããããŸã)ã
- Red Hat Enterprise Linux ã·ã¹ãã ããŒã«ã®æ°ãããšãã£ã·ã§ã³ãè¿œå ããŸããã
æäŸãã Ansible ã«åºã¥ãéäžæ§æ管çã·ã¹ãã ããããã€ããã¹ãã¬ãŒãžããããã¯ãŒãã³ã°ãæå»åæãSElinux ã«ãŒã«ãããã³ kdump ã¡ã«ããºã ã®äœ¿çšã«é¢é£ããç¹å®ã®æ©èœãæå¹ã«ãããµãã·ã¹ãã ãæ§æããããã®ã¢ãžã¥ãŒã«ãšããŒã«ã®ã»ãããããšãã°ãæ°ãã圹å²
ã¹ãã¬ãŒãžã䜿çšãããšããã£ã¹ã¯äžã®ãã¡ã€ã« ã·ã¹ãã ã®ç®¡çãLVM ã°ã«ãŒããè«çããŒãã£ã·ã§ã³ã®æäœãªã©ã®ã¿ã¹ã¯ãå®è¡ã§ããŸãã - VXLAN ããã³ GENEVE ãã³ãã«ã®ãããã¯ãŒã¯ ã¹ã¿ãã¯ã«ã¯ãICMP ãã±ãããå®å ã«å°éäžèœããããã±ããã倧ããããããããã³ããªãã€ã¬ã¯ã ã¡ãã»ãŒãžããåŠçããæ©èœãå®è£ ãããVXLAN ããã³ GENEVE ã§ã«ãŒã ãªãã€ã¬ã¯ããšãã¹ MTU æ€åºã䜿çšã§ããªãåé¡ã解決ãããŸããã ã
- XDP (eXpress Data Path) ãµãã·ã¹ãã ã®å®éšçå®è£
ãããã«ãããLinux ã¯ãDMA ãã±ãã ãããã¡ã«çŽæ¥ã¢ã¯ã»ã¹ããæ©èœãåãããããã¯ãŒã¯ ãã©ã€ã㌠ã¬ãã«ã§ããŸããããã¯ãŒã¯ ã¹ã¿ãã¯ã«ãã£ãŠ skbuff ãããã¡ãå²ãåœãŠãããåã®æ®µé㧠BPF ããã°ã©ã ãå®è¡ã§ããŸãã eBPF ã³ã³ããŒãã³ããšåæ§ã«ãLinux 5.0 ã«ãŒãã«ãšåæãããŸãã AF_XDP ã«ãŒãã« ãµãã·ã¹ãã ã®å®éšçãµããŒããè¿œå ããŸãã (
eXpressã®ããŒã¿ãã¹ ); - å®å
šãªãããã¯ãŒã¯ ãããã³ã«ã®ãµããŒããæäŸããã
TIPC (ééçãªããã»ã¹ééä¿¡)ãã¯ã©ã¹ã¿ãŒå ã®ããã»ã¹ééä¿¡ãçµç¹ããããã«èšèšãããŠããŸãããã®ãããã³ã«ã¯ãã¢ããªã±ãŒã·ã§ã³ãã¯ã©ã¹ã¿å ã®ã©ã®ããŒãã§å®è¡ãããŠãããã«é¢ä¿ãªããã¢ããªã±ãŒã·ã§ã³ãè¿ éãã€ç¢ºå®ã«éä¿¡ããããã®æ段ãæäŸããŸãã - é害çºçæã«ã³ã¢ãã³ããä¿åããããã®æ°ããã¢ãŒãã initramfs ã«è¿œå ãããŸããã
æ©æãã³ã "ãèªã¿èŸŒã¿ã®åæ段éã§åäœããŸãã - æ°ããã«ãŒãã« ãã©ã¡ãŒã¿ ipcmni_extend ãè¿œå ãããŸãããããã«ãããIPC ID å¶éã 32 KB (15 ããã) ãã 16 MB (24 ããã) ã«æ¡åŒµãããã¢ããªã±ãŒã·ã§ã³ãããå€ãã®å ±æã¡ã¢ãª ã»ã°ã¡ã³ãã䜿çšã§ããããã«ãªããŸãã
- Ipset ã¯ãªãªãŒã¹ 7.1 ã«æŽæ°ãããIPSET_CMD_GET_BYNAME ããã³ IPSET_CMD_GET_BYINDEX ãªãã¬ãŒã·ã§ã³ããµããŒããããŸããã
- æ¬äŒŒä¹±æ°ãžã§ãã¬ãŒã¿ã®ãšã³ããã㌠ããŒã«ãåãã rngd ããŒã¢ã³ã¯ãroot ãšããŠå®è¡ããå¿ èŠããªããªããŸãã
- å
å®ãããµããŒããæäŸ
ã€ã³ãã« OPA (ãªã ããã¹ ã¢ãŒããã¯ãã£) ãã¹ã ãã¡ããªã㯠ã€ã³ã¿ãŒãã§ã€ã¹ (HFI) ãåããæ©åšåãã§ãããIntel Optane DC æ°žç¶ã¡ã¢ãª ããã€ã¹ãå®å šã«ãµããŒãããŠããŸãã - ãããã° ã«ãŒãã«ã«ã¯ãããã©ã«ã㧠UBSAN (æªå®çŸ©åäœãµãã¿ã€ã¶ãŒ) æ€åºåšãåãããã«ããå«ãŸããŠãããã³ã³ãã€ã«ãããã³ãŒãã«è¿œå ã®ãã§ãã¯ãè¿œå ããŠãããã°ã©ã ã®åäœãæªå®çŸ©ã«ãªã£ãç¶æ³ (ããšãã°ãåæååã®ééçå€æ°ã®äœ¿çšãåå²ãªã©) ãæ€åºããŸãããŒãã«ããæŽæ°ã笊å·ä»ãæŽæ°åã®ãªãŒããŒãããŒãNULL ãã€ã³ã¿ãŒã®éåç §ããã€ã³ã¿ãŒã®äœçœ®åããã®åé¡ãªã©)ã
- ãªã¢ã«ã¿ã€ã æ¡åŒµæ©èœãåããã«ãŒãã« ãœãŒã¹ ããªãŒ (kernel-rt) ã¯ãã¡ã€ã³ã® RHEL 8 ã«ãŒãã« ã³ãŒããšåæãããŸãã
- PowerVM ä»®æ³ãããã¯ãŒã¯ã»ãã¯ãããžãŒãå®è£ ãã vNIC (ä»®æ³ãããã¯ãŒã¯ã»ã€ã³ã¿ãŒãã§ãŒã¹ã»ã³ã³ãããŒã©ãŒ) ãããã¯ãŒã¯ã»ã³ã³ãããŒã©ãŒçšã® ibmvnic ãã©ã€ããŒãè¿œå ããŸãããæ°ãããã©ã€ããŒã SR-IOV NIC ãšçµã¿åãããŠäœ¿çšââãããšãä»®æ³ãããã¯ãŒã¯ ã¢ããã¿ãŒ ã¬ãã«ã§ã®åž¯åå¹ ãšãµãŒãã¹å質ã®å¶åŸ¡ãå¯èœã«ãªããä»®æ³åãªãŒããŒããããš CPU è² è·ãå€§å¹ ã«åæžãããŸãã
- ããŒã¿æŽåæ§æ¡åŒµæ©èœã®ãµããŒããè¿œå ãããŸãããããã«ãããè¿œå ã®ä¿®æ£ãããã¯ãä¿åããããšã§ãã¹ãã¬ãŒãžãžã®æžã蟌ã¿æã«ããŒã¿ãæå·ããä¿è·ã§ããŸãã
- ããã±ãŒãžã®å®éšçãµããŒã (ãã¯ãããžãŒ ãã¬ãã¥ãŒ) ãè¿œå ããŸãã
nmstate 宣èšå API ãéããŠãããã¯ãŒã¯èšå®ã管çããããã® nmstatectl ã©ã€ãã©ãªãšãŠãŒãã£ãªãã£ãæäŸããŸã (ãããã¯ãŒã¯ç¶æ ã¯äºåå®çŸ©ãããå³ã®åœ¢åŒã§èšè¿°ãããŸã)ã - AES-GCM ããŒã¹ã®æå·åã䜿çšããã«ãŒãã« ã¬ãã« TLS (KTLS) å®è£
ã®å®éšçãµããŒããšãOverlayFSãcgroup v2ã
Stratis ãmdev (ã€ã³ãã«vGPU ) ããã³ ext4 ããã³ XFS ã® DAX (ããã㯠ããã€ã¹ ã¬ãã«ã䜿çšããã«ããŒãž ãã£ãã·ã¥ããã€ãã¹ãããã¡ã€ã« ã·ã¹ãã ãžã®çŽæ¥ã¢ã¯ã»ã¹)ã - DSAãTLS 1.0ãããã³ TLS 1.1 ã®ãµããŒãã¯å»æ¢ãããDEFAULT ã»ããããåé€ãããLEGACY ã«ç§»åãããŸãã (ãupdate-crypto-policies âset LEGACYã)ã
- 389-ds-base-legacy-tools ããã±ãŒãžã¯éæšå¥šã«ãªããŸããã
èªèšŒæžã¿
芪暩ã
ãã¹ãåã
æ§æ¬²ã匷ãã
ãããããŒã«ã
ãããã¯ãŒã¯ã¹ã¯ãªããã
NSS-pam-ldapdã
ã»ã³ãã¡ãŒã«ã
ypããŒã«
ypbind ãš ypservããããã¯å°æ¥ã®éèŠãªãªãªãŒã¹ã§å»æ¢ãããå¯èœæ§ããããŸãã - ifup ããã³ ifdown ã¹ã¯ãªããã¯ãnmcli çµç±ã§ NetworkManager ãåŒã³åºãã©ãããŒã«çœ®ãæããããŸãã (å€ãã¹ã¯ãªããã«æ»ãã«ã¯ããyum install network-scriptsããå®è¡ããå¿ èŠããããŸã)ã
åºæïŒ ãªãŒãã³ããã.ru